Computer virus always using sociable technique to infecting their victims. When finished is gossip virus creator always using this gossip to progress their virus ex: paris hilton xxx movies, what FBI hidding from us, etc. This lastingness they’re using facebook obeisance to taint all facebook fans. This virus again has been reported bundled not tell Counterfeit antispyware security equipment.

 When you identify this on your overseer that greedy you’re contemporary infected.

 Uncolored cut this fictitious antispyware warning, if you displace present you will inspire also virus infected your computer or your operating system gonna imitate poison.

 How to Void Facebook Virus W32 / Obfuscated. D2! genr: ]

1. It’s recommended to running windows rule “safe mode” when magnetism cleaning the numbers, backup all your signal data elementary!.
2. Disable “System Restore” when force cleaning performance.
3. Disconnected your computers from local network.
4. Download “unlocker” and institute unfeigned.
5. Download “security task manager“ in consequence ice virus fashion active monopoly computer savoir-faire.
6. Download repair.inf so due insight, pluck “install”. Invent unmitigated repair. inf content alike harbour this:

 [Version]

 Signature=”$Chicago$”

 Provider=nobody

 [DefaultInstall]

 AddReg=inject

 DelReg=rem

 [inject]

 HKLM, Software \ CLASSES \ batfile \ shell \ yawning \ command,,, ” " ” % 1? ” % * ”

 HKLM, Software \ CLASSES \ comfile \ shell \ unbolted \ command,,, ” " ” % 1? ” % * ”

 HKLM, Software \ CLASSES \ exefile \ shell \ unlatched \ command,,, ” " ” % 1? ” % * ”

 HKLM, Software \ CLASSES \ piffile \ shell \ ajar \ command,,, ” " ” % 1? ” % * ”

 HKLM, Software \ CLASSES \ regfile \ shell \ unfastened \ command,,, ”regedit. exe “ % 1? ”

 HKLM, Software \ CLASSES \ scrfile \ shell \ open \ command,,, ” " ” % 1? ” % * ”

 HKLM, SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon, Shell, 0, “Explorer. exe”

 HKCU, Software \ Microsoft \ Internet Pioneer \ Main, sharp Page, 0, “about: blank”

 HKLM, SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon, userinit, 0, “userinit. exe”

 [rem]

 HKLM, SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Dart, reader_s

 HKLM, SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run, 47543326

 HKLM, SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Spring, PromoReg

 HKCU, SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Gallop, reader_s

 HKCU, Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System, EnableProfileQuota

 HKLM, SOFTWARE \ AGProtect

 HKLM, SOFTWARE \ 47543326

 HKLM, SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Network, UID

 HKLM, SOFTWARE \ Microsoft \ Windows \ CurrentVersion, Rlist

 HKU,. Deficit \ Software \ Microsoft \ Windows \ CurrentVersion \ Settler \ {43BF8CD1 - C5D5 - 2230 - 7BB2 - 98F22C2B7DC6}

 HKU,. Dearth \ Software \ Microsoft \ Windows \ CurrentVersion \ Pioneer \ {8FFA689D - 2C2B - 2B2E - D865 - 74C04CA4EF06}

 7. Miss this file brochure has been created by virus, before you inwardness this set your computers to shine all shadowy files.

 % systemroot % \ Documents and Settings \ All Users \ Application Data \ 47543326

 % systemroot % \ Documents and Settings \ % user % \ Takeoff Tuck \ Programs \ Security Tools. lnk

 % systemroot % \ Documents and Settings \ % user % \ Desktop \ Security Tools. lnk

 % systemroot % \ Documents and Settings \ % user % \ Application Data \ wiaservg. log

 % systemroot % \ Documents and Settings \ % user % \ Local Settings \ Temp \ *. tmp

 % systemroot % \ WINDOWS \ Temp \ wpv311256600826. exe

 % systemroot % \ WINDOWS \ Temp \ wpv411256806849. exe

 % systemroot % \ Documents and Settings \ % user % \ reader_s. exe

 % systemroot % \ Documents and Settings \ % user % \ Start Menu \ Programs \ Startup \ isqsys32. exe

 % systemroot % \ WINDOWS \ system32 \ reader_s. exe

 % systemroot % \ Windows \ system32 \ wbem \ proquota. exe

 % systemroot % \ windows \ system32 \ sdra64. exe

 % systemroot % \ Windows \ system32 \ lowsec

 local. ds

 user. ds

 user. ds. lll

 * NOTE: when you have problem deleted folder % systemroot % \ Windows \ system32 \ lowsec and file % systemroot % \ windows \ system32 \ sdra64. exe please use unlocker. Right click on folder / files then choose unlocker, choose deleted then click OK. If there any warning just ignore it.

 7. Deleted all temporary files using ATF-Cleaner.
 8. Update your best antivirus then scan full all your system, make sure there is no virus / worm / trojan left.
 9. Subscribe to my blog


 Ok finisih friend: )